One thing is clear following our recent “FCPA 2014” event in Houston. Anti-bribery is on the minds of many compliance officers and general counsels. Two key areas were particularly interesting to the 70 attendees, including the need for compliance risk assessments and understanding how to deploy resources to prioritize risks.
It was obvious from the participants that the recent anti-bribery allegations in China carried a great deal of weight. Just the day before our discussion, Chinese officials said that they would not take actions against GlaxoSmithKline as a company, but only charge specific Chinese GSK executives. Many organizations continue to have issues identifying who counts as a “government official” when it comes to matters such as facilitation payments to foreign authorities and why training on this important aspect of bribery and corruption is essential. This is especially a problem in China, where a large percentage of businesses are state-owned, meaning many employees are technically government officials.
There were several questions on how an organization can manage and monitor so many risks for so many vendors and possibly afford to investigate all suspicious activity. Marc Litt of Baker McKenzie Consulting (filling in for Stephen Martin who was called out of country at the last minute) said that part of showing your program is “well-designed” is being able to prioritize risks (likelihood and severity) and focus your resources on the biggest risks. Marc provided an overview of the primary elements of corporate compliance programs, particularly stressing the importance of starting with risk assessments and mapping your program to these risks.
FCPA expert Tom Fox focused on corporate anti-bribery investigations. Internal investigations can be tricky, as leadership weighs the possible consequences of the investigation with the best interests of the company. Tom was asked to clarify how legal teams should communicate and apply Upjohn warnings so that employees understand that the investigating attorney represents the corporation, not the employee. Tom also stressed his edict of “document, document, document” in regards to maintaining an audit trail of all items used and actions taken during an investigation.
Compliance leaders and corporate counsel alike are realizing the benefits of technology in their FCPA compliance efforts. Along with Patrick Taylor of Oversight Systems, we discussed the insights that are possible from bringing together transaction monitoring and compliance data, so that organizations can monitor transactions for fraud by using analytics that evaluate several factors typically connected to fraudulent activity. In this way, organizations can get a 360-degree view of bad actors involved in suspicious transactions and how these bad actors are connected to other things – policy attestations, training results, other incidents, etc. This integrated approach brings together data that typically lives in different departments, i.e. transaction monitoring likely lives with Audit/Finance whereas policy/training data lives with Compliance. Mirroring Tom’s statement, our admonition was to “prioritize, prioritize, prioritize” and leverage integration technology to drive resources to the biggest risks.
FCPA Compliance Whitepaper Series
In this whitepaper series authored by FCPA expert Tom Fox, we examine the vigorous increase in US FCPA enforcement actions we’ve seen in 2013, which should have your organization examining all efforts to maintain FCPA compliance. This begs the question… is your compliance program defensible?
Subscribe to our Whitepaper Series